Business & Technology

Operational Technology Needs a Specialized SD-WAN Solution

By Peter Newton | December 02, 2020

Fortinet Introduces the FortiGate Rugged 60F, the First Ever SD-WAN Appliance for OT Environments

Software-defined wide-area networking (SD-WAN) has been growing rapidly on the corporate side of many organizations. Its benefits have been convincing CIO’s everywhere to ditch their expensive MPLS links for a better WAN technology for connecting their branch locations. Recently, the OT side of the house has started to realize that SD-WAN makes a lot of sense for their distributed operational environments as well. As a result, OT environments are adopting SD-WAN to realize key benefits including reliable connectivity, simplified management, and lower total cost of ownership. Of course, OT asset operators have some specialized needs for deploying an SD-WAN solution at their non-environmentally controlled locations that include, among others, something that is secure, compact, rugged, and able to be remotely deployed, managed, and monitored.

OT Environments Need a Secure SD-WAN Solution

Shifting to a SD-WAN model does require careful consideration of the impact of connecting directly to the internet. The security implications of direct access to cloud and internet resources can potentially have even greater impact in an OT environment than they would in a corporate branch SD-WAN deployment. Shifting from traditional WAN to SD-WAN adds additional risk exposure, since internet-connected traffic is no longer backhauled to a data center for centralized security checks. Unfortunately, most SD-WAN products are based on routing technology—designed primarily to look for the best connectivity path for traffic. Most SD-WAN solutions on the market today do not offer built-in security. Any increase in OT vulnerability is a serious issue, since these industries are facing an onslaught of targeted attacks. The vast majority (90%) of organizations experienced at least one OT system intrusion in the past year—and 65% had three or more. OT outages or disruptions caused by an attack can have a huge impact on productivity, efficiency, and even safety. A typical SD-WAN solution lacks many critical security capabilities required to protect OT networks.

OT Environments Need a Compact SD-WAN Solution

Many remote OT environments have limited space, which requires a solution that combines many features into a single compact form factor, including SD-WAN, advanced routing and next-generation firewall security. This type of compact solution has the additional benefit of reducing costs and simplifying operations for network analysts. Additionally, some OT sites have unique mounting and power requirements not found in traditional IT wiring closets.

OT Environments Need a Rugged SD-WAN Solution

OT organizations operate in all kinds of environments, and in sites of all kinds of sizes—from large campuses with air-conditioned buildings to small installations in remote locations without any carpeted spaces. Some environments can be prohibitively harsh for normal IT gear due to extreme physical conditions, such as:

  • Electrical substations
  • Oil rig platforms
  • Factories
  • Hydroelectric plants
  • Warehouses/distribution centers
  • Airports
  • Ships

Locations such as the above require specialized electronic equipment that can function within common OT environmental conditions, such as:

  • Temperature extremes
  • Moisture
  • Extreme or constant vibration
  • Electromagnetic interference (EMI)
  • Small spaces for equipment
  • Operations that use different types of power (beyond 110V or 220V)
  • Certified for the different OT industry regulations

OT Environments Need Remote Deployment, Management, and Monitoring

Another key problem of adapting SD-WAN to OT environments comes from the common need to implement these technologies at remote locations, which can be challenging because these sites often have limited or no technical personnel. In remote deployment situations, the SD-WAN solution needs coherent security policies that protect the site from the very first moments the system is up and running. 

Fortinet Delivers Secure SD-WAN for Operational Technology 

With no good options on the market that hit all their requirements, it’s been difficult for Operational Technology to adopt SD-WAN in all locations. Fortinet’s new FortiGate Rugged 60F series is a first-of-its-kind ruggedized appliance that addresses the unique concerns of OT organizations, allowing them to extend SD-WAN deployments to harsh environments. It is also the industry’s first secure SD-WAN appliance certified to perform in operational technology environments, including IEC 61850-3 and IEEE 1613 certifications. Features include:

  • Industry-leading Security: Built upon the FortiGate 60 series – the fastest, most powerful desktop Secure SD-WAN appliance and best-selling next-generation firewall with over 1.65 million units sold worldwide.
  • Small Footprint: Combines industry-leading SD-WAN, advanced routing and next-generation firewall security in a single, compact form factor, enabling it to be deployed in the tight spaces found in these OT locations. This has the additional benefit of reducing costs and simplifying operations for network analysts.
  • Flexible Mounting and Power: Designed specifically for deployment in smaller OT sites that require DIN rail mounting (or standard 1U racks) and power options than found in traditional IT wiring closets.   
  • Built Tough: Specifically designed to function in harsh environmental conditions, these units can handle extreme temperatures, electromagnetic interference, high moisture, and extreme or constant vibration.
  • Built-in LTE connectivity: Comes with an option for built-in LTE to provide an additional WAN connectivity option as well as easier deployment and operation for remote locations.

Specially built for OT environments, the FortiGate Rugged 60F series enables the easy deployment of Fortinet’s industry leading Secure SD-WAN solution in locations never before possible for OT organizations in industries such as utilities and energy, manufacturing, and transportation. Fortinet uniquely delivers a Security-driven Networking approach to SD-WAN, converging networking and security into a unified Secure SD-WAN solution with centralized orchestration. Combined with the Fortinet Security Fabric, this gives customers one solution that covers the entire converged IT-OT network to close OT security gaps, deliver full visibility, and provide simplified management.

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution. Join our webinar to learn more about Fortinet's Secure SD-WAN solution for operational technology environments.

Read this customer case study to see how Sullair Argentina implemented Fortinet’s Secure SD-WAN to secure the network that supports its critical infrastructure assets.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.